Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 23, 2025, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
201 7.5 重要
Network 		ThemeKraft post form ThemeKraft の WordPress 用 post form における脆弱性 New CWE-noinfo
情報不足 		CVE-2024-1169 2025-01-22 15:58 2024-03-7 Show GitHub Exploit DB Packet Storm
202 5.4 警告
Network 		bdthemes prime slider bdthemes の WordPress 用 prime slider におけるクロスサイトスクリプティングの脆弱性 New CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-1506 2025-01-22 15:57 2024-03-7 Show GitHub Exploit DB Packet Storm
203 7.3 重要
Local 		Rockwell Automation Arena Rockwell Automation の Arena における初期化されていないリソースの使用に関する脆弱性 New CWE-908
初期化されていないリソースの使用 		CVE-2024-11364 2025-01-22 15:57 2024-12-19 Show GitHub Exploit DB Packet Storm
204 9.8 緊急
Network 		The Biosig Project
Fedora Project		 Fedora
libbiosig 		The Biosig Project の libbiosig 等複数ベンダの製品における二重解放に関する脆弱性 New CWE-415
二重解放 		CVE-2024-22097 2025-01-22 15:57 2024-02-20 Show GitHub Exploit DB Packet Storm
205 4.9 警告
Network 		webtrees.net webtrees webtrees.net の webtrees におけるパストラバーサルの脆弱性 New CWE-22
CWE-31
CVE-2024-22723 2025-01-22 15:57 2024-02-28 Show GitHub Exploit DB Packet Storm
206 9.8 緊急
Network 		Fortra filecatalyst workflow Fortra の filecatalyst workflow における誤った領域へのリソースの漏えいに関する脆弱性 New CWE-472
CWE-668
CVE-2024-25153 2025-01-22 15:57 2024-03-13 Show GitHub Exploit DB Packet Storm
207 9.8 緊急
Network 		アバイア Avaya IP Office アバイアの Avaya IP Office における脆弱性 New CWE-20
CWE-noinfo
CVE-2024-4196 2025-01-22 15:40 2024-06-25 Show GitHub Exploit DB Packet Storm
208 9.8 緊急
Network 		BlackBerry QNX Software Development Platform BlackBerry の QNX Software Development Platform における境界外書き込みに関する脆弱性 New CWE-787
CWE-787
CVE-2024-48856 2025-01-22 15:40 2024-10-8 Show GitHub Exploit DB Packet Storm
209 5.4 警告
Network 		Autolab project Autolab Autolab project の Autolab における不正な認証に関する脆弱性 New CWE-863
不正な認証 		CVE-2024-52584 2025-01-22 15:40 2024-11-18 Show GitHub Exploit DB Packet Storm
210 7.8 重要
Local 		マイクロソフト Microsoft Office
Microsoft 365 Apps 		Microsoft Office Visio のリモートでコードが実行される脆弱性 New CWE-122
CWE-843
CWE-noinfo
CVE-2025-21356 2025-01-22 15:37 2025-01-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 24, 2025, 4:45 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
771 3.3 LOW
Local 		phiewer phiewer In Phiewer 4.1.0, a dylib injection leads to Command Execution which allow attackers to inject dylib file potentially leading to remote control and unauthorized access to sensitive user data. CWE-426
 Untrusted Search Path 		CVE-2024-53407 2025-01-18 07:51 2025-01-16 Show GitHub Exploit DB Packet Storm
772 6.5 MEDIUM
Network 		hirewebxperts passwords_manager The Passwords Manager plugin for WordPress is vulnerable to SQL Injection via the $wpdb->prefix value in several AJAX actions in all versions up to, and including, 1.4.8 due to insufficient escaping … CWE-89
SQL Injection 		CVE-2024-12615 2025-01-18 07:17 2025-01-16 Show GitHub Exploit DB Packet Storm
773 4.3 MEDIUM
Network 		hirewebxperts passwords_manager The Passwords Manager plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'pms_save_setting' and 'post_new_pass' AJAX actions in all versi… CWE-862
 Missing Authorization 		CVE-2024-12614 2025-01-18 07:17 2025-01-16 Show GitHub Exploit DB Packet Storm
774 7.5 HIGH
Network 		hirewebxperts passwords_manager The Passwords Manager plugin for WordPress is vulnerable to SQL Injection via the $wpdb->prefix value in several AJAX fuctions in all versions up to, and including, 1.4.8 due to insufficient escaping… CWE-89
SQL Injection 		CVE-2024-12613 2025-01-18 07:17 2025-01-16 Show GitHub Exploit DB Packet Storm
775 - - - KaTeX is a fast, easy-to-use JavaScript library for TeX math rendering on the web. KaTeX users who render untrusted mathematical expressions with `renderToString` could encounter malicious input usin… CWE-116
 Improper Encoding or Escaping of Output 		CVE-2025-23207 2025-01-18 07:15 2025-01-18 Show GitHub Exploit DB Packet Storm
776 6.3 MEDIUM
Network 		- - A vulnerability was found in Codezips Gym Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /dashboard/admin/edit_member.php. The manipulation o… CWE-89
CWE-74
SQL Injection
Injection 		CVE-2025-0541 2025-01-18 07:15 2025-01-18 Show GitHub Exploit DB Packet Storm
777 - - - OtCMS <=V7.46 is vulnerable to Server-Side Request Forgery (SSRF) in /admin/read.php, which can Read system files arbitrarily. - CVE-2024-57252 2025-01-18 07:15 2025-01-18 Show GitHub Exploit DB Packet Storm
778 - - - A new feature to prevent Firmware downgrades was recently added to some Lexmark products. A method to override this downgrade protection has been identified. - CVE-2023-50738 2025-01-18 07:15 2025-01-18 Show GitHub Exploit DB Packet Storm
779 - - - Cross Site Scripting vulnerability in InformationPush master version allows a remote attacker to obtain sensitive information via the title, time and msg parameters - CVE-2024-57372 2025-01-18 07:15 2025-01-18 Show GitHub Exploit DB Packet Storm
780 - - - Teradata Vantage Editor 1.0.1 is mostly intended for SQL database access and docs.teradata.com access, but provides unintended functionality (including Chromium Developer Tools) that can result in a … - CVE-2024-52870 2025-01-18 07:15 2025-01-18 Show GitHub Exploit DB Packet Storm